CERT-In Case Study CICS-2010-01
Mariposa Botnet (Autorun/Palevo/Rimecud/Pilleuz)
Mariposa is a botnet: a collection of compromised computers under the control of a single malicious entity. The name Mariposa refers to the botnet, not to the malware it uses. Mariposa is the Spanish word for butterfly. Mariposa showed a significant increase in traffic to its command and control servers and infected/compromised a large number of computer systems around the world. This botnet uses blended malware to spread quickly and to make a large number of computer systems actively participate in the botnet. CERT-In Case Study CICS-2010-01 contains a detailed analysis of the Mariposa botnet.
CERT-In Case Study CICS-2009-01
Series of Mass iframe Injection on Websites-Serving Blended Malware
During the last week of August 2009, it was observed that thousands of websites had been compromised and infected with iframe script tags linking users to a malicious JavaScript file hosted on the domain "a0v [d0t] org". It was found that most of the websites running on the ASP engine were infected. Details of the multiple redirections and the infection are illustrated in CERT-In Case Study CICS-2009-01.
CERT-In Case Study CICS-2008-02
Website Compromise and launch of further attacks by exploiting SQL injection Vulnerability
In the month of May, CERT-In observed mass SQL injection attacks spreading in the wild, injecting JavaScript into vulnerable websites. There were multiple reports of a large number of websites being compromised by SQL injection attacks and serving malware.
The Database Security and Vulnerability Analysis Team of CERT-In thoroughly analyzed the attack and identified the vulnerabilities.
CERT-In Case Study CICS-2008-01
Website Compromise and launch of further attacks by exploiting PHP Remote File Injection Vulnerability
CERT-In tracks defacement of Indian websites on a regular basis. An incident of website defacement of ‘ABC’ Organization was reported to CERT-In in August, 2007.
The Artifact Analysis Team of CERT-In thoroughly analyzed the attack and identified the vulnerabilities which were being exploited to compromise the website.
After compromising the website, the attacker used the compromised host to compromise other websites over the internet.